
An insider in China has revealed to the Epoch Times that he helped build a database that is now being used to handle Americans’ personal information stolen in cyberattacks.
The FBI revealed on June 4, 2015, that a cyberattack, allegedly from China, stole personal information on close to 21.5 million U.S. federal employees after breaking into the computer files of the Office of Personnel Management (OPM). Subsequent Chinese cyberattacks have also targeted personal data on Americans, including the February 2015 breach of Anthem that stole close to 80 million records.
Speculation began soon after on how the Chinese regime could use the data. A July 2015 report from the Congressional Research Service states “experts in and out of government” suspect the Chinese regime may be building a database on federal employees it could use for espionage.
With a database like this, the Chinese regime can have a systematic roadmap of Americans and their connections, and information it can use to blackmail government employees, recruit insiders as spies, and monitor people who speak out against its policies.
FBI Director James Comey said in a Sept. 10, 2015, hearing on cybersecurity, “There is a significant counterintelligence threat that’s associated” with a nation-state getting hold of the data.
According to the insider, the Chinese Communist Party (CCP) has built the database needed to make use of the massive trove of stolen data. He said that to create the spy database, the CCP brought in a small group of independent software developers from the United States, who worked alongside Chinese security branches to implement the system.
The source requested to have his name withheld, in fear of reprisal from the CCP. Other sources confirmed this man’s identity, and said that he would have access to the kind of information he gave the Epoch Times. In the past, he has provided the Epoch Times with significant information about confidential matters in China that has proven accurate.
The new system is part of a broader shift in the Chinese regime’s efforts in espionage and social control. With the database, the CCP is now keeping tabs on foreigners in much the same way it has kept tabs on its own citizens, their connections, and their political thoughts.
Chinese spy agencies finished building the system around July 2013. In March 2014, Chinese hackers first tried, and failed, to breach OPM.
The source said one of the leading organizations involved in the project was the 61 Research Institute, which is one of four known research institutes under the Third Department of the General Staff Department—the branch of the People’s Liberation Army in charge of its military hackers.
The Epoch Times exposed in a previous investigation that the 61 Research Institute is one of the leading organizations behind the CCP’s state-run cyberattacks.
The organization is led by Wang Jianxin, a son of Wang Zheng, who helped establish the CCP’s signals intelligence operations under Mao Zedong.
While the 61 Research Institute’s role in the project ties it to global cyberespionage, the source said many other Chinese domestic security branches were also involved in building the system—including various branches of the police and about six branches of the secret police.
The functions of the spy system, and the departments involved, suggest it will be used not only as a database on foreigners, but also as a system to better monitor Chinese people. The source noted that one of its functions will be to gather information on individuals from all available sources in China, and outside China, that can be used for criminal trials.
“Our intelligence sources corroborate this information,” said Casey Fleming, CEO of BLACKOPS Partners Corporation, which provides cybersecurity intelligence, strategy, and risk reduction to some of the largest companies in the world.
“Our ongoing intelligence gathering shows indication that this database has been in process at least over the last three years—commanded at the highest levels of the Chinese government,” he said in a phone interview.
Big Data Espionage
According to the source, the software used for the database was originally a big data analytics program for smart city measurements, and the CCP altered it for its own uses.

Chinese hackers stole personal information on approximately 21.5 million Americans from the computer files of the U.S. government’s Office of Personnel Management. (Chinamil.com.cn)
What made the software attractive was its powerful functions for gathering information, and showing relationships between data. The source said it was also scalable—enough to hold credentials on every Chinese citizen, and to display everything from their personal data, to data on their family members, relations, and personal background.

The spy database displays data in nodes, which can be displayed by themselves or in relation to other data or events.
The system is capable of ingesting and sorting large amounts of data. The source noted the spy database is even better at this than some open source programs designed for the purpose.
A security service using the system could conduct deep data mining on personal files in the system, to show how individuals relate to one another, even over set timeframes.
The system can also be used to collect data on individuals. The source said it can gather information on people from Chinese security offices, from its own internal database, and from sources abroad, outside the Chinese firewall.
According to the source, getting personal data on foreigners—including Americans—is fairly easy. He said it’s often not necessary for the Chinese regime to use cyberattacks to steal sensitive information.
He said U.S. banks, for example, often hire many people from other countries, and many tech industries do the same. Many of these individuals can be given trusted positions within these companies, and he said it’s not uncommon for some of these individuals to take data out of the companies, and sell it.
It’s not difficult, he said, to create a fairly deep profile on a person using data stolen from just a handful of sources.
The Chinese spy system he helped build, he said, takes this information and organizes it in a form that departments of the Chinese regime can then use—whether it be for industrial espionage, or other purposes.
Fleming said that although the most visible Chinese cyberattacks feeding

This news analysis was originally dispatched as part of Epoch Times China email newsletters.

Targets of major Chinese cyberattacks in 2015 could hint at what industries will be hit this year, according to a new report from cybersecurity company CrowdStrike.
Personal records of more than 22 million U.S. federal employees were stolen from the Office of Personnel Management, in a cyberattack announced in June 2015. It followed another attack on the Anthem health insurance company, where hackers stole close to 80 million records.
Hints at the new direction can be found in the Chinese Communist Party’s 13th Five-Year-Plan, which was released in November 2015 and should be finalized early this year.
“These plans typically provide a roadmap for what China will target using cyber means,” the report states.
The Chinese regime is trying to push out foreign technology, in favor of domestic technology, and is also trying to build a middle class.
“The combination of China becoming increasingly distrustful of western information technology and a desire to promote its own sectors of industrial manufacturing and retail may lead to a gradual tapering off of targeting against these sectors,” the report says.
It says Chinese hackers may instead focus on areas including agriculture, healthcare, and alternative energy, which “China deems crucial to promoting the wellbeing of its growing middle class, and where it has the most technological gaps.”
These would add to the list of industries the Chinese regime has already identified for theft. Under Project 863, Chinese hackers and spies target nine industries including biotechnology, information technology, automation, and telecommunications.
The U.S. Office of the National Counterintelligence Executive said in a 2011 report that Project 863 “provides funding and guidance for efforts to clandestinely acquire U.S. technology and sensitive economic information.”
The Chinese hackers may start broadening their nets as well. Instead of just going after intellectual property, the CrowdStrike report says they may go after basic know-how “such as building native supply chains and administrative expertise.”
I’ve reported previously that Chinese were already going after this type of information. They’re looking at everything from how companies are managed, to how they market their products.
It may now be even more so, however, since the Chinese regime is making a serious effort to push out foreign firms and take the place they once occupied.
The report says we may also see some changes—at least in the short term—in how the Chinese hackers operate, since the Chinese regime is undergoing a structural shift, set to be completed by 2020.
Hackers in the Chinese military may see their new positions sooner. The report says, “cyber will likely be a priority due to China’s emphasis on winning informatized wars, meaning that the shift may be observed soonest in that arena.”
In the meantime, it says, some of the Chinese cyberattacks may be carried out by its civilian intelligence agencies and associated contractors—such as the Ministry of Public Security.